What am I missing? (Again)

Johan Wevers johanw at vulcan.xs4all.nl
Thu Mar 31 09:53:56 CEST 2016


On 31-03-2016 3:41, listo factor wrote:
> On 03/30/2016 12:16 PM, listo factor - listofactor at mail.ru wrote:

> 1) Is it correct that this particular device maker designed a
> sophisticated hardware-based system with the specific purpose of
> thwarting the brute-forcing of ridiculously low-entropy user's
> secret?
> Yes/no?

Both apply here:
Yes they did design such a device.
No they didn't use that in this particular model (iPhone 5c). It is used
in the devices that contain a fingerprint scanner (5s and up).

> 2) Is it possible for the user to circumvent the potential problem
> of the device maker cooperating with his adversary to by-pass this
> protection, simply by using a pass-phrase of an appropriate length?
> Yes/no?

Yes.

> Is anybody on this list user/owner of this device? (as I am not).

Sorry, I don't have an iPhone 5c.

-- 
ir. J.C.A. Wevers
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html




More information about the Gnupg-users mailing list